#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    May 2013
    Posts
    2
    Rep Power
    0

    Need Help with rDNS Configuration


    I am having issues regarding rejected email due to rDNS not resolving. My normal network guy is moving and therefore not available to help me. I'm hoping someone on this forum will be able to help.

    I have a block of 8 (5 usable) static IPs assigned from my ISP (AT&T) (a '29' network). Presumably the rDNS has been delegated to my nameservers. Recently we moved email to inhouse servers, and now many of the outgoing emails are refused with errors that either the reverse DNS didn't exist, or didn't match. At this point I don't believe rDNS has ever worked in this setup.

    IP Block xxx.yyy.zzz.96 - xxx.yyy.zzz.103
    Email Server: mail.domainname.com

    The configuration files at my nameservers look like the following...

    Code:
    ;; domainname
    ; domainname.com Dumped Mon May 20 09:01:15 2013
    ;
    domainname.com.	86400	IN	SOA	ns1.he.net. hostmaster.he.net. (
    					2012110700	; Serial
    					10800	; Refresh
    					1800	; Retry
    					604800	; Expire
    					86400 )	; Minimum TTL
    domainname.com.	86400	IN	NS	ns1.he.net.
    domainname.com.	86400	IN	NS	ns2.he.net.
    domainname.com.	86400	IN	NS	ns3.he.net.
    domainname.com.	86400	IN	NS	ns4.he.net.
    domainname.com.	86400	IN	NS	ns5.he.net.
    mail.domainname.com.	86400	IN	A	xxx.yyy.zzz.99
    domainname.com.	86400	IN	MX	10 mail.domainname.com.
    (URL address blocked: See forum rules)	86400	IN	CNAME	mail.domainname.com.
    domainname.com.	86400	IN	A	xxx.yyy.zzz.99
    vpn.domainname.com.	86400	IN	A	xxx.yyy.zzz.98
    lab.domainname.com.	86400	IN	A	xxx.yyy.zzz.101
    
    
    ;; xxx.yyy.zzz.96
    Raw AXFR output from ns1.he.net -- Changes made this session will not appear in the dump below. This is not in real time.
    ; zzz.yyy.xxx.in-addr.arpa Dumped Mon May 20 08:58:53 2013
    ;
    zzz.yyy.xxx.in-addr.arpa.	86400	IN	SOA	ns1.he.net. hostmaster.he.net. (
    					2012041508	; Serial
    					10800	; Refresh
    					1800	; Retry
    					604800	; Expire
    					86400 )	; Minimum TTL
    96.zzz.yyy.xxx.in-addr.arpa.	86400	IN	NS	ns1.he.net.
    96.zzz.yyy.xxx.in-addr.arpa.	86400	IN	NS	ns2.he.net.
    96.zzz.yyy.xxx.in-addr.arpa.	86400	IN	NS	ns3.he.net.
    96.zzz.yyy.xxx.in-addr.arpa.	86400	IN	NS	ns4.he.net.
    96.zzz.yyy.xxx.in-addr.arpa.	86400	IN	NS	ns5.he.net.
    99.96.zzz.yyy.xxx.in-addr.arpa.	86400	IN	PTR	mail.domainname.com.
    98.96.zzz.yyy.xxx.in-addr.arpa.	86400	IN	PTR	vpn.domainname.com.
    101.96.zzz.yyy.xxx.in-addr.arpa.	86400	IN	PTR	lab.domainname.com.
    100.96.zzz.yyy.xxx.in-addr.arpa.	86400	IN	PTR	myotherdomain.com.
    I find the "extra" 96 octets in the PTR records suspicious, but I was informed that they are due to the delegation.

    If I do "dig 99.zzz.yyy.xxx.in-addr.arpa -t PTR +trace" I see no PTR records, but it does find a CNAME record
    Code:
    99.zzz.yyy.xxx.in-addr.arpa. 7200 IN	CNAME	99.96.zzz.yyy.xxx.in-addr.arpa.
    which I understand is used as part of the delegation. It must be there from the ISP's configuration.

    However, if I do "dig 99.96.zzz.yyy.xxx.in-addr.arpa -t PTR +trace", it errors, but it DOES find the pointer record

    Code:
    <snip>
    yyy.xxx.in-addr.arpa.	86400	IN	NS	NS1.SWBELL.NET.
    yyy.xxx.in-addr.arpa.	86400	IN	NS	NS3.SBCGLOBAL.NET.
    yyy.xxx.in-addr.arpa.	86400	IN	NS	NS2.SWBELL.NET.
    ;; Received 122 bytes from 199.180.180.63#53(199.180.180.63) in 81 ms
    
    96.zzz.yyy.xxx.in-addr.arpa. 7200 IN	NS	ns1.he.net.
    96.zzz.yyy.xxx.in-addr.arpa. 7200 IN	NS	ns2.he.net.
    ;; Received 90 bytes from 151.164.11.218#53(151.164.11.218) in 40 ms
    
    96.zzz.yyy.xxx.in-addr.arpa. 86400 IN	NS	ns1.he.net.
    96.zzz.yyy.xxx.in-addr.arpa. 86400 IN	NS	ns2.he.net.
    96.zzz.yyy.xxx.in-addr.arpa. 86400 IN	NS	ns3.he.net.
    96.zzz.yyy.xxx.in-addr.arpa. 86400 IN	NS	ns5.he.net.
    96.zzz.yyy.xxx.in-addr.arpa. 86400 IN	NS	ns4.he.net.
    ;; BAD (HORIZONTAL) REFERRAL
    ;; Received 336 bytes from 216.218.130.2#53(216.218.130.2) in 210 ms
    
    99.96.zzz.yyy.xxx.in-addr.arpa.	86400 IN PTR	mail.domainname.com.
    ;; Received 86 bytes from 216.66.80.18#53(216.66.80.18) in 145 ms
    Any help would be appreciated.
  2. #2
  3. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2011
    Posts
    289
    Rep Power
    45
    Without the real IP address or domain name, it is very difficult to offer much help.

    J.A. Coutts
  4. #3
  5. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    May 2013
    Posts
    2
    Rep Power
    0
    Originally Posted by couttsj
    Without the real IP address or domain name, it is very difficult to offer much help.

    J.A. Coutts
    I thought that might be the case.

    the IP of the block is 108.215.179.98
    The IP of the mail server is 108.215.179.99
    The domain is mail.controlsoftcorp.com
  6. #4
  7. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2011
    Posts
    289
    Rep Power
    45
    Originally Posted by sjfcontrol
    I thought that might be the case.

    the IP of the block is 108.215.179.98
    The IP of the mail server is 108.215.179.99
    The domain is mail.controlsoftcorp.com
    This is different. Doing a forward lookup on the domain name produces the correct result. But the reverse lookup yields a CNAME of 99.96.179.215.108.in-addr.arpa from NS1.SWBELL.NET. My own DNS is able to get the correct result using recursion, but how mail systems would interpret this is beyond my knowledge and experience.

    J.A. Coutts

IMN logo majestic logo threadwatch logo seochat tools logo